test-failure-investigator

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE [COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands using npx jest and git to reproduce failures and analyze code history. This is consistent with the skill's primary purpose of test investigation.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because it processes untrusted data from test files and commit histories.
      • Ingestion points: Reads content from {{test_file}}, {{test_name}}, and {{related_source_files}}.
      • Boundary markers: Absent; there are no explicit delimiters or instructions to ignore embedded commands within the processed files.
      • Capability inventory: Can execute arbitrary code via npx jest (which runs the code within the test files) and read filesystem metadata via git.
      • Sanitization: Absent; the skill does not perform validation or escaping on the paths or contents provided to the shell commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 20, 2026, 07:27 AM